waterwn1097 Posted January 7, 2014 Share Posted January 7, 2014 so i am trying to use a form to upload pdf documents to my server remotely. The php code is in its own file called "upload.php". The error I am getting is the die error "The file you attempted to upload is not allowed" therefore something is wrong because I have permissions set for PDF documents which is what I am trying to upload. <?php // Configuration - Your Options $allowed_filetypes = array('.pdf'); // These will be the types of file that will pass the validation. $max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB). $upload_path = './users/'; // The place the files will be uploaded to (currently a 'files' directory). $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension). $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename. // Check if the filetype is allowed, if not DIE and inform the user. if(!in_array($ext,$allowed_filetypes)) die('The file you attempted to upload is not allowed.'); // Now check the filesize, if it is too large then DIE and inform the user. if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize) die('The file you attempted to upload is too large.'); // Check if we can upload to the specified path, if not DIE and inform the user. if(!is_writable($upload_path)) die('You cannot upload to the specified directory, please CHMOD it to 777.'); // Upload the file to your specified path. if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename)) echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a>'; // It worked. else echo 'There was an error during the file upload. Please try again.'; // It failed . ?> here is the HTML form code <center><table width="600" align="center" cellpadding="5"> <form action="upload.php" method="post"> <p><font color="red"><?php print("$message");?></font></p> <tr> <td width="163"><div align="right">File:</div></td> <td width="409"><input type="file" name="userfile" id="file"/></td> </tr> <tr> <td><div align="right"></div></td> <td><input type="submit" name="Submit" value="submit" /></td> </tr> </form> </table> </center> thanks Quote Link to comment Share on other sites More sharing options...
GetFreaky Posted January 7, 2014 Share Posted January 7, 2014 print $ext, and see what you get. Quote Link to comment Share on other sites More sharing options...
cyberRobot Posted January 7, 2014 Share Posted January 7, 2014 Perhaps it's a case issue? You could trying using strtolower() on the $ext variable. http://www.php.net/strtolower Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted January 7, 2014 Share Posted January 7, 2014 (edited) something i always recommend when validating user supplied input, is to have the failure message display the submitted value that failed the test along with the permitted values (as long as it doesn't expose any security information.) this will make your code self-troubleshooting and help the user by telling him exactly why something he did failed. btw - your form is missing the enctype that would allow the upload to work at all. your code must test if the upload worked before you can use ANY of the uploaded file information. Edited January 7, 2014 by mac_gyver Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.